More than 600 patients affected by Southern Illinois Healthcare breach

Southern Illinois Healthcare (SIH) is providing notice and offering free credit repair and monitoring services to more than 600 patients potentially impacted by an isolated incident involving the misdirection of data to other HIPPA-governed medical facilities by a third party vendor.

SIH has a business relationship with Experian Health, through which Experian Health provides information to SIH facilities for the purpose of verifying insurance eligibility during the patient registration process.

On April 28, 2017, Experian Health notified SIH of a technical error caused by a server migration project, which resulted in the delivery of certain patient information to incorrect medical facilities between Feb. 13 and March 13, 2017.

The misdirected data may have included the following: name; date of birth; gender; address; Medicare ID/HIC number or Member ID number for non-Medicare patients; payer/insurance company name; group policy number; group number; and/or Medicaid case number. Upon learning of the error, Experian Health took immediate action to identify the cause and correct the error.

"We deeply regret this incident occurred. Experian Health assures us the information would only have been viewed or saved by another medical facility governed by the Health Insurance Portability and Accountability Act, or HIPAA," said SIH Privacy Officer Marcia Matthias. "During the course of SIH's investigation into the incident, Experian Health confirmed the error has been resolved."

SIH mailed notice of the incident to affected patients for whom it has current addresses and posted notice of the incident on its websites, www.sih.net and www.sihmedicalgroup.net. The letter and websites provide additional details about the incident, along with a toll-free number (855) 259-6436 for assistance and precautionary steps that can be taken by affected patients.